Closed GoogleCodeExporter closed 8 years ago
I believe it is supported in the underlying HTTP library used by RESTClient.
Can you
test it out?
Original comment by subwiz
on 27 Feb 2008 at 5:52
I tried connecting to https://dev.java.net/ .
It works:
http://flickr.com/photos/subwiz/2297501725/
And I discovered a little secret too: dev.java.net is hosted using JBoss, not
using
Glassfish :O !
Original comment by subwiz
on 28 Feb 2008 at 1:14
Marking the issue Invalid as the feature already exists.
Original comment by subwiz
on 29 Feb 2008 at 10:38
Yes, that's ok when you only have a server certificate. But it does not work if
i
need to authenticate myself with a certificate: i need to be able to specify a
keystore. This is the same kind of feature that is available under SOAPUI.
Original comment by cyrille....@gmail.com
on 5 Mar 2008 at 10:59
Makes sense...
I will look into it.
Original comment by subwiz
on 5 Mar 2008 at 11:04
I downloaded SoapUI 2.0.2. The requested feature is available in the menu:
File>Preferences>SSL Settings
Original comment by subwiz
on 5 Mar 2008 at 11:18
A simple and fast to learn tutorial on Java's support for SSL. Will need this
for
fixing the issue:
http://tvilda.stilius.net/java/java_ssl.php
Original comment by subwiz
on 5 Mar 2008 at 4:19
Some other details:
http://hc.apache.org/httpclient-3.x/sslguide.html
http://www.jdocs.com/httpclient/3.0.1/api-index.html?m=class&p=org.apache.common
s.httpclient.contrib.ssl&c=AuthSSLProtocolSocketFactory&render=classic
Original comment by subwiz
on 5 Mar 2008 at 4:35
Original comment by subwiz
on 8 Mar 2008 at 1:00
We should take Option input for:
1. truststore file
2. truststore password
3. keystore file
4. keystore password
These seem to be the input expected by the API. Is this correct @cyrille.puget?
Original comment by subwiz
on 17 Mar 2008 at 4:25
Yes, this is how it should be done.
In SOAPUI, they might have taken a shorcut since no trustore is required. The
might
do truststore = keystore internally.
Original comment by cyrille....@gmail.com
on 4 Apr 2008 at 10:05
Thanks for the detail. I will incorporate this feature in the next release.
Original comment by subwiz
on 9 Apr 2008 at 5:34
Revision 225: Http library changed to:
http://hc.apache.org/httpcomponents-client/
This has a neater implementation of SSL. SSL example for this API:
http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/sr
c/examples/org/apache/http/examples/client/ClientCustomSSL.java
Original comment by subwiz
on 25 Jul 2008 at 1:31
Rev. 226 has a basic implementation. Yet to do the file save part, browse
button for
selecting the truststore file.
Original comment by subwiz
on 25 Jul 2008 at 5:15
The binary with SSL support is available for download from here:
http://wiztools.org/project/RESTClient/restclient-3.0-SNAPSHOT-jar-with-dependen
cies.jar
@cyrille.puget, can you test this and tell me if it satisfies your requirement?
Original comment by subwiz
on 27 Jul 2008 at 2:02
Closing the issue on the assumption that it works!
Original comment by subwiz
on 5 Aug 2008 at 8:09
Hi ... I just started using REST Client 2.2
When am using 2-WAY SSL...it's not working...am getting peer not authenticated
exception.
When am using 1-way SSL ...am getting "not able to verify hostname" error.
Is there any "Ignore Hostname Verification" feature.
Pls tell me the correct procedure, if i have done anything wrong.
Original comment by somayaju...@gmail.com
on 22 Dec 2008 at 5:56
Thanks for pointing it out. I just found this in http client library (which is
used
by RESTClient):
http://hc.apache.org/httpcomponents-client/httpclient/apidocs/org/apache/http/co
nn/ssl/AllowAllHostnameVerifier.html
So I will incorporate this in next release. I have re-opened the issue too.
Original comment by subwiz
on 23 Dec 2008 at 4:46
Thanks...
Also, try to include the 2-way SSL feature as well.
By the way, when can we expect the next release?
Original comment by somayaju...@gmail.com
on 23 Dec 2008 at 5:15
Rev. 351 has the fix for Ignoring Hostname Verification.
I have used 2-way-SSL in RESTClient with success recently. Please check with
Rev.351
and verify if it works.
Rev.351 build is available here:
http://wiztools.org/project/RESTClient/restclient-2.3-SNAPSHOT-jar-with-dependen
cies.jar
A particular date for next release is not yet planned. But I think before end
of Jan
2009 it should be released.
Original comment by subwiz
on 23 Dec 2008 at 7:06
Thanks for the info...
Able to download restclient-2.3 and tested it against 1-way SSL.
It works fine.
But it fails when tried against 2-way SSL.
Attached the screen-shot of the error.
Could i request subwiz user to pls explain me the scenario against which he
could
succeed with 2-way SSL.
Pls go thru the error and let me know if i did any wrong/ give me the solution.
Thanks and wish you a Happy New Year
Original comment by somayaju...@gmail.com
on 31 Dec 2008 at 12:52
Attachments:
Thanks for sending in the details. I am looking into it...
Original comment by subwiz
on 3 Jan 2009 at 7:49
Any update on 2-way SSL feature?
Original comment by somayaju...@gmail.com
on 1 Jun 2009 at 7:26
2-way SSL is working for me. Can you try again? Can you verify if your
configuration
is correct?
Original comment by subwiz
on 4 Jun 2009 at 1:55
closing the issue as i have stopped receiving new complaints on this.
Original comment by subwiz
on 5 Sep 2010 at 3:40
r579 and r580 has the fix.
Original comment by subwiz
on 8 Jul 2012 at 9:17
Original issue reported on code.google.com by
cyrille....@gmail.com
on 26 Feb 2008 at 2:51